Kris Kennaway wrote:
> It's pretty clear what's going on..none of the directories in
> /etc/manpath.config exist, so len=0, so malloc(0) "succeeds" and does
> nothing, leaving manpathlist a null pointer.
>
> This situation can occur if e.g. you install the 'base' freebsd
> distribution into a jail, without installing any of the manpages. In
> this situation none of the manpage directories are created either.
Uh... so fix it?
Patch attached.
Yes, this returns a strdup() without verifying the allocation; just
like the caller will return the result of get_manpath() or strdup(),
without verifying the allocation. This is generally bad code, and
I'm not going to rewrite it to make all the interfaces reflexive,
like they should be, to fix a simple bug.
-- Terry
Index: manpath.c
===================================================================
RCS file: /cvs/src/gnu/usr.bin/man/manpath/manpath.c,v
retrieving revision 1.12
diff -c -r1.12 manpath.c
*** manpath.c 13 Feb 2001 16:55:42 -0000 1.12
--- manpath.c 12 Oct 2002 21:03:09 -0000
***************
*** 493,498 ****
--- 493,501 ----
lp++;
}
+ if (!len)
+ return strdup("");
+
manpathlist = (char *) malloc (len);
if (manpathlist == NULL)
gripe_alloc (len, "manpathlist");
